About Layer 2 Protocol Tunneling - Cisco Catalyst 4500 series Administration Manual

Chapter 29 Configuring 802.1Q Tunneling, VLAN Mapping, and Layer 2 Protocol Tunneling
Command
Step 1
Switch# configure terminal
Step 2
Switch(config)# interface
interface-id
Step 3
Switch(config-if)# switchport mode
trunk
Step 4
Switch(config-if)# switchport vlan
mapping vlan-id dot1q-tunnel outer
vlan-id
Step 5
Switch(config-if)# end
Step 6
Switch# show interfaces
interface-id vlan mapping
Step 7
Switch# copy running-config
startup-config
Use the no switchport vlan mapping vlan-id dot1q-tunnel outer vlan-id command to remove the
VLAN mapping configuration. Entering the no switchport vlan mapping all command deletes all
mapping configurations.
This example shows how to configure selective QinQ mapping on the port so that traffic with a C-VLAN
ID of 1 to 5 enters the switch with an S-VLAN ID of 100. The traffic of any other VLAN IDs is dropped.
Switch(config)# interface gigabiethernet0/1
Switch(config-if)# switchport vlan mapping 1-5 dot1q-tunnel 100
Switch(config-if)# exit

About Layer 2 Protocol Tunneling

Note IPsec VPN is supported for control plane traffic protection on the management port, and must be used
for management purposes only.
Customers at different sites connected across a service provider network need to use various Layer 2
protocols to scale their topologies to include all remote and local sites. STP must run properly, and every
VLAN should build a proper spanning tree that includes the local site and all remote sites across the
service provider network. Cisco Discovery Protocol (CDP) must discover neighboring Cisco devices
from local and remote sites. VLAN Trunking Protocol (VTP) must provide consistent VLAN
configuration throughout all sites in the customer network.
When protocol tunneling is enabled, edge switches on the inbound side of the service provider network
encapsulate Layer 2 protocol packets with a special MAC address and send them across the service
provider network. Core switches in the network do not process these packets but forward them as normal
packets. Layer 2 protocol data units (PDUs) for CDP, STP, or VTP cross the service provider network
and are delivered to customer switches on the outbound side of the service provider network. Identical
packets are received by all customer ports on the same VLANs with these results:
OL_28731-01
Purpose
Enters global configuration mode.
Enters interface configuration mode for the interface connected to the
service provider network. You can enter a physical interface or an
EtherChannel port channel.
Configure the interface as a trunk port.
Enters the VLAN IDs to be mapped:
vlan-id—the customer VLAN ID (C-VLAN) entering the switch
•
from the customer network. The range is from 1 to 4094. You can
enter a string of VLAN-IDs.
outer-vlan-id—Enter the outer VLAN ID (S-VLAN) of the service
•
provider network. The range is from 1 to 4094.
Returns to privileged EXEC mode.
Verifies the configuration.
(Optional) Saves your entries in the configuration file.
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
About Layer 2 Protocol Tunneling
29-13